Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/c68cD--LKHx-uEcYpviNAKC2hmg.roa
File: c68cD--LKHx-uEcYpviNAKC2hmg.roa (raw, json)
Hash identifier: OT5aAuksDGl9hDbPUN13cuJ5TjerW1eMmPXfQcmhkfs=
Subject key identifier: 73:AF:1C:0F:EF:8B:28:7C:7E:B8:47:18:A6:F8:8D:00:A0:B6:86:68
Certificate issuer: /CN=7a350d024af01f8eaf125717caa03aafad184e1d
Certificate serial: 018CC348D7E3AB47C516204B7EAF7E2E2DBE
Authority key identifier: 7A:35:0D:02:4A:F0:1F:8E:AF:12:57:17:CA:A0:3A:AF:AD:18:4E:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ejUNAkrwH46vElcXyqA6r60YTh0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/c68cD--LKHx-uEcYpviNAKC2hmg.roa
Signing time: Mon 01 Jan 2024 04:29:40 +0000
ROA not before: Mon 01 Jan 2024 04:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197211
IP address blocks: 109.104.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/ejUNAkrwH46vElcXyqA6r60YTh0.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/ejUNAkrwH46vElcXyqA6r60YTh0.mft
rsync://rpki.ripe.net/repository/DEFAULT/ejUNAkrwH46vElcXyqA6r60YTh0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 01:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:d7:e3:ab:47:c5:16:20:4b:7e:af:7e:2e:2d:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a350d024af01f8eaf125717caa03aafad184e1d
Validity
Not Before: Jan 1 04:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=73af1c0fef8b287c7eb84718a6f88d00a0b68668
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f6:bd:53:30:d0:e6:c0:5a:34:be:03:48:59:
a6:69:f4:ed:57:60:45:bd:15:69:04:ac:29:39:d7:
14:a7:7a:28:af:4d:8a:0f:ec:cc:dc:99:81:04:b8:
ae:8b:e9:97:fe:c8:c0:25:b8:57:c9:54:6b:23:cd:
9a:60:1e:af:4b:81:0f:f9:86:86:95:80:03:b5:28:
8e:01:77:44:4b:d7:b2:23:3a:38:b5:12:c0:1d:3e:
87:69:fc:c3:1a:98:4e:eb:36:9c:80:d8:25:0e:65:
b3:60:c8:d3:6d:d5:a9:d3:dc:0e:84:94:fe:cc:8c:
f4:3c:21:3e:3c:e2:a5:bf:c2:e3:ea:a8:f8:a2:e3:
6e:27:c9:09:7c:ba:b4:a8:ef:76:bb:1a:01:a5:e8:
cc:df:e8:81:42:de:b7:65:d3:37:f2:21:d0:ca:30:
15:64:a3:f3:85:c5:8b:da:d9:10:d6:39:14:cb:99:
11:15:21:e9:43:71:d6:cf:f5:42:8f:9e:8c:1c:09:
ab:ee:1d:40:1a:d7:fc:23:c1:4d:78:25:47:be:89:
d0:4d:9b:73:86:01:bc:fd:8b:cd:df:7b:ab:2a:4c:
c6:0c:b9:c2:f3:cb:7e:8e:76:be:bc:95:ab:65:35:
77:de:70:28:c4:93:e1:d5:dd:0f:ca:76:ef:ee:61:
98:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:AF:1C:0F:EF:8B:28:7C:7E:B8:47:18:A6:F8:8D:00:A0:B6:86:68
X509v3 Authority Key Identifier:
keyid:7A:35:0D:02:4A:F0:1F:8E:AF:12:57:17:CA:A0:3A:AF:AD:18:4E:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ejUNAkrwH46vElcXyqA6r60YTh0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/c68cD--LKHx-uEcYpviNAKC2hmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/ejUNAkrwH46vElcXyqA6r60YTh0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.104.246.0/24
Signature Algorithm: sha256WithRSAEncryption
53:40:01:47:48:ad:bd:5c:d5:89:03:b0:35:9f:f4:47:4b:18:
23:0a:4a:04:18:d3:f0:c3:6a:18:43:df:3a:b5:3a:80:4a:9b:
6f:e1:66:cd:4e:45:38:5c:62:d1:1d:70:96:9a:eb:5d:d8:5e:
34:7b:91:87:10:4e:79:55:89:a5:7e:ae:21:f8:a2:d9:42:05:
55:5c:84:2f:9c:e1:77:97:71:56:81:e4:da:b0:41:2f:10:05:
4d:ca:69:3d:74:6d:9b:f8:52:79:28:f6:20:98:cd:e6:13:6f:
ad:2a:ae:ab:f3:1a:d8:e2:3f:8d:8e:49:cc:81:28:35:13:6c:
2d:f8:3a:ed:7b:2d:10:5f:3a:b4:e9:35:35:46:06:33:0c:92:
32:7e:11:51:d3:69:fd:5b:65:27:ac:fa:3c:79:d7:a9:3c:5c:
e1:b7:c4:64:e6:6a:d4:79:27:85:ed:7b:3e:09:70:31:9e:bc:
87:cc:2f:a8:73:91:22:e2:b3:60:76:6b:5d:89:8c:58:2f:24:
4a:af:9f:91:ca:34:ee:8b:89:c0:1e:3d:fd:53:ed:3b:44:4c:
cb:c9:5a:27:f0:dd:67:cb:5b:ab:45:08:14:62:d7:29:f0:f3:
2d:cd:53:b6:e8:55:ce:0f:6c:b4:19:b6:c5:33:39:5e:b5:55:
45:61:0c:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSNfjq0fFFiBLfq9+Li2+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMzUwZDAyNGFmMDFmOGVhZjEyNTcxN2NhYTAzYWFmYWQx
ODRlMWQwHhcNMjQwMTAxMDQyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2FmMWMwZmVmOGIyODdjN2ViODQ3MThhNmY4OGQwMGEwYjY4NjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiva9UzDQ5sBaNL4DSFmmafTtV2BF
vRVpBKwpOdcUp3oor02KD+zM3JmBBLiui+mX/sjAJbhXyVRrI82aYB6vS4EP+YaG
lYADtSiOAXdES9eyIzo4tRLAHT6HafzDGphO6zacgNglDmWzYMjTbdWp09wOhJT+
zIz0PCE+POKlv8Lj6qj4ouNuJ8kJfLq0qO92uxoBpejM3+iBQt63ZdM38iHQyjAV
ZKPzhcWL2tkQ1jkUy5kRFSHpQ3HWz/VCj56MHAmr7h1AGtf8I8FNeCVHvonQTZtz
hgG8/YvN33urKkzGDLnC88t+jna+vJWrZTV33nAoxJPh1d0Pynbv7mGYAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHOvHA/viyh8frhHGKb4jQCgtoZoMB8GA1UdIwQY
MBaAFHo1DQJK8B+OrxJXF8qgOq+tGE4dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWpVTkFrcndINDZ2RWxjWHlxQTZyNjBZVGgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi83OTY2YWUtOWM4OC00M2U5LWI4OTkt
ZDAwM2U1NmZlNzUzLzEvYzY4Y0QtLUxLSHgtdUVjWXB2aU5BS0MyaG1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi83OTY2YWUtOWM4OC00M2U5LWI4OTktZDAwM2U1NmZlNzUz
LzEvZWpVTkFrcndINDZ2RWxjWHlxQTZyNjBZVGgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWj2MA0G
CSqGSIb3DQEBCwUAA4IBAQBTQAFHSK29XNWJA7A1n/RHSxgjCkoEGNPww2oYQ986
tTqASptv4WbNTkU4XGLRHXCWmutd2F40e5GHEE55VYmlfq4h+KLZQgVVXIQvnOF3
l3FWgeTasEEvEAVNymk9dG2b+FJ5KPYgmM3mE2+tKq6r8xrY4j+NjknMgSg1E2wt
+Drtey0QXzq06TU1RgYzDJIyfhFR02n9W2UnrPo8edepPFzht8Rk5mrUeSeF7Xs+
CXAxnryHzC+oc5Ei4rNgdmtdiYxYLyRKr5+RyjTui4nAHj39U+07REzLyVon8N1n
y1urRQgUYtcp8PMtzVO26FXOD2y0GbbFMzletVVFYQzN
-----END CERTIFICATE-----
Generated at Sat Sep 28 08:02:12 2024 by rpki-client on console-fra.rpki-client.org